wireguard: update patch from nixpkgs#128014

[sourcephile-nix.git] / hosts / losurdo / gitolite.nix

diff --git a/hosts/losurdo/gitolite.nix b/hosts/losurdo/gitolite.nix
index d7bdd1b9aeb69cfddbf1d2f369b446c3517fee57..9a7220916c45a4cf858355e4234d1a2c03e1a2cc 100644 (file)
--- a/hosts/losurdo/gitolite.nix
+++ b/hosts/losurdo/gitolite.nix
@@ -1,24 +1,19 @@
 { pkgs, lib, config, inputs, hostName, ... }:
 let
-  inherit (lib) types;
-  inherit (config) networking;
-  inherit (config.services) gitolite;
-  inherit (config.users) users groups;
+  inherit (config.users) users;
   gitolite-admin = "julm";
 in
 {
 environment.systemPackages = [ pkgs.gitolite ];
 services.gitolite = {
   enable = true;
-  user   = "git";
-  group  = users."git".name;
-  adminPubkey =
-    builtins.readFile (inputs.secrets + "/members/ssh/julm.pub") +
-    builtins.readFile (inputs.secrets + "/members/ssh/julm-losurdo.pub");
+  user = "git";
+  group = users."git".name;
+  adminPubkey = lib.concatStringsSep "\n" users.${gitolite-admin}.openssh.authorizedKeys.keys;
   extraGitoliteRc = ''
-    $RC{UMASK}           = 0027; # NOTE: no quote around in Perl, so it's octal
-    $RC{LOG_DEST}        = 'repo-log,syslog';
-    $RC{LOG_FACILITY}    = 'local0';
+    $RC{UMASK} = 0027; # NOTE: no quote around in Perl, so it's octal
+    $RC{LOG_DEST} = 'repo-log,syslog';
+    $RC{LOG_FACILITY} = 'local0';
     #$RC{GIT_CONFIG_KEYS} = 'hooks.* gitweb.*';
     $RC{GIT_CONFIG_KEYS} = '.*';
     #$RC{LOCAL_CODE} = "$rc{GL_ADMIN_BASE}/local"
@@ -44,4 +39,15 @@ fileSystems."/var/lib/gitolite" = {
   device = "${hostName}/var/git";
   fsType = "zfs";
 };
+services.sanoid.datasets."${hostName}/var/git" = {
+  use_template = [ "snap" ];
+  daily = 7;
+};
+programs.git = {
+  enable = true;
+  package = pkgs.gitMinimal;
+  config = {
+    init.defaultBranch = "main";
+  };
+};
 }